IMS subsystems and FM/IMS functions access control facility

FM/IMS allows you to control which IMS subsystems a user can access when using each of the functions listed in Protected FM/IMS Functions. These functions are protected by default when you receive FM/IMS.

Table 1. Protected FM/IMS Functions
Function code Description UPDATE or READONLY
DBI Initialize dialog - generates JCL for the initialize function UPDATE
DDD Delete or define dialog - generates JCL to delete or define database data sets UPDATE
DIB Initialize - initialize databases (batch) UPDATE
IB Browse - browse a database READONLY
IBBO Batch browse dialog - generate JCL for the batch browse function READONLY
IBB Batch browse - read a database in batch (batch) READONLY
IE Edit - edit a database UPDATE
IEBO Batch edit dialog - generates JCL for the batch edit function UPDATE
IEB Batch edit - edit a database in batch (batch) UPDATE
IPRO Print dialog - generates JCL for the print function READONLY
IPR Print - print data from databases (batch) READONLY
IX Extract dialog - generates JCL for the extract function READONLY
IXB Extract - extract data from databases (batch) READONLY
IL Load dialog - generates JCL for the load function UPDATE
ILB Load - load data into databases (batch) UPDATE

You can grant or deny some or all users access to:

  1. Individual IMS subsystems by individual functions in Protected FM/IMS Functions.
  2. Individual functions in Protected FM/IMS Functions. When you grant or deny users access to individual functions, they are granted or denied access to all IMS subsystems when using these functions.
  3. Individual IMS subsystems by the update or read-only functions.
  4. The update or read-only functions. When you grant or deny users access to the update or read-only functions, they are granted or denied access to all IMS subsystems when using the update or read-only functions.

FM/IMS provides security for these functions, in one of two ways, either through RACF® (or an equivalent security product) or through the FMNSECUR exit.

If Security Server RACF® or an equivalent security product is active, the System Authorization Facility (SAF) with the File Manager enhanced security facility is used for access control and authorization verification. Authorization is controlled by FM/IMS-specific profiles in the FACILITY class. This chapter describes the FM/IMS-specific profiles that you must define to RACF® or your equivalent security product. It also describes how you define these profiles to RACF®. If you use another security product, consult the documentation for your product to determine how to define these profiles to your product.

If SAF with RACF® (or an equivalent security product) is not active when a File Manager/IMS function is started, the function access control checks are passed to the FMNSECUR user exit instead of to SAF.

To use FMNSECUR, it must be installed in the LPA. If the FMNSECUR module is required and it cannot be found in the LPA, an error message is issued and the FM/IMS function will not start.

FMNSECUR is a customizable exit. It provides FMNS macros which allow you to define a table of user names or job names, File Manager-protectable resources (called profiles), and access levels. For information on FMNSECUR, see "Setting up the security environment by using FMNSECUR".

Note:
  1. The FMNSECUR module is not used (even if present) if SAF with RACF® or an equivalent security product is active when a File Manager/IMS function is started.
  2. FM/IMS functions that are not listed in Protected FM/IMS Functions cannot be protected by RACF® (or an equivalent security product) or by the FMNSECUR exit.

The rest of this section describes how you implement security controls in RACF® (or an equivalent security product) for the functions in Protected FM/IMS Functions.